CASES.LU

Glossary

  1. ▹ Antivirus
  2. ▹ Assets
  3. ▹ Authentication
  4. ▹ Availability
  5. ▹ Basic criteria for risk analysis
  6. ▹ Computer Hacks
  7. ▹ Confidentiality
  8. ▹ Control
  9. ▹ Cryptography
  10. ▹ Cybercrime
  11. ▹ Cybercriminals
  12. ▹ DRP – Disaster Recovery Plan
  13. ▹ Data backups
  14. ▹ Data loss
  15. ▹ Defacement
  16. ▹ Disinfect machine with a live CD
  17. ▹ Disposal
  18. ▹ Email
  19. ▹ Firewall
  20. ▹ Human error
  21. ▹ IDS/IPS
  22. ▹ Image rights
  23. ▹ Impact
  24. ▹ Integrity
  25. ▹ Internet and copyright
  26. ▹ Legal Aspects
  27. ▹ LuxTrust
  28. ▹ Malicious Codes
  29. ▹ Malicious websites
  30. ▹ Network segmentation
  31. ▹ Password
  32. ▹ Patches
  33. ▹ Phishing
  34. ▹ Physical faults
  35. ▹ Securing a fixed workstation
  36. ▹ Physical theft
  37. ▹ Recommendations for securing a file server
  38. ▹ Recommendations to secure a server connected to Internet
  39. ▹ Recommendations to secure a Web server
  40. ▹ Removable devices
  41. ▹ Risk processing
  42. ▹ Spam – unwanted emails
  43. ▹ SSL/TLS – encryption technologies on the web
  44. ▹ Update softwares with Secunia PSI
  45. ▹ Security Charter
  46. ▹ Social engineering
  47. ▹ Threat
  48. ▹ Virtual Private Networks (VPNs)
  49. ▹ Vulnerabilities
  50. ▹ Web of Trust - WOT
  51. ▹ Web filter – Proxy
  52. ▹ Why is it important to protect your computer?

Physical theft

In brief

A thief takes other people’s property by force or without them knowing. A theft can take place on all the items making up the stock of computer equipment. Such thefts may be committed in the premises of a company or while computer hardware is in transit.

Alongside theft, the loss of computer equipment can have a sizeable impact on the person involved.

What items are we talking about?

There are many items that can be stolen or lost, and it is almost impossible to draw up an exhaustive list.

The equipment that is stolen most often are:

Laptop computers

Having a considerable market value, high storage capacity, along with their small size makes laptop computers the targets of choice with regard to physical theft.

Removable storage media

This type of theft is less well known and at first glance may appear less dramatic, but it can have harmful consequences on the company concerned.

The theft of magnetic storage media (tapes, hard drives), optical storage media such as CDs (Compact Discs), DVDs (Digital Versatile Discs) or electronics such as USB sticks (Universal Serial Bus), used for the purposes of security copies, main storage or backups, is very common and enables the theft of large quantities of data.

Mobile phones

All the synchronisation functionalities between “GSM” and IT solutions clearly indicates that these items should be considered as part of the data processing chain.

What are the impacts?

The theft of IT equipment can lead to serious consequences. The damage suffered can be:

The value of the equipment or storage media

In the case of theft of equipment or storage media, the initial damage is certainly the financial loss owing to the cost of replacing the stolen hardware.

With regard to the theft of mobile phones, communications costs generated by the thief before the mobile phone is blocked by the service provider can be added to this.

Loss/theft of data

Depending on the use made of the stolen or found equipment, there could be a number of impacts with significant damage, such as loss of expertise, industrial espionage, disclosure of private information, loss of reputation for the relevant person, loss of financial data, loss of logical access keys, etc..

The damage for the people concerned is entirely different depending on the use of the hardware (reformatting to enable other usages, illegal use to penetrate a network, sale of data).

Software theft

The theft of laptop computers obviously involves the theft of all the software installed on this equipment. This includes public software and also software developed specially for the needs of the individual/company/administration.

Access to networks

The theft of equipment capable of connecting to a network or to other peripherals via wireless network technology or via remote access enables illicit connection to the network belonging to the person concerned. This access can be used to steal more information or to inflict other damage.

Loss of productivity

The lack of availability of this equipment often makes it impossible for the victim to get their work done. This loss of productivity relating to the loss of documents and applications can lead to a significant workload simply to restore the data and software to its original state at the time of the theft or loss. This is particularly true if the person concerned does not have any recent backups.

Identity theft

It is highly likely that the person responsible for the theft, if they have any computer expertise, is able to use software such as email or e-banking type software while impersonating the legal owner. It is clear that in this case the financial damage can quickly reach considerable sums.

What are the vulnerabilities exploited?

Unfortunately, it is not possible to do away with all vulnerabilities, but we have to try to limit the potential impacts through checks, preventive measures and detection mechanisms.

Physical security

Effective access control for offices and computer rooms must be introduced. Remote access management should be rigorously monitored.

Human errors

It is statistically proven that human error, lack of foresight, negligence or losses and omissions remain the biggest source of the loss of computer equipment.

How can we protect ourselves?

It is worth pointing out the difference between preventive measures, whose role is to prevent this type of event from arising, and other measures, the aim of which is to detect and monitor this type of event, or even to limit the impact.

Procedures

The existence of a security policy, its internal publication, respect and monitoring of procedures relating to the use, transportation and storage of digital storage media enable you to substantially reduce the loss or theft of digital media. (SMEs: see Physical and environmental security policy and Systems development and maintenance policy and policy on Operational and communications aspects)

The existence and compliance with the procedures to apply in the event of the theft or loss of data, such as filtering network access based on MAC (Media Access Control) address or other, the withdrawal of remote access, the blocking of VPN clients (Virtual Private Network) or changing all user passwords are crucial measures to limit impact.

This countermeasure cannot be said to be preventive, even if its presence and communication may discourage thefts internally.

Hardware inventory management

Only a detailed inventory will enable remote access (access management) from stolen equipment to be refused and it could be used as the basis for dialogue with the insurer.

Limits on the use of external storage media

The number of thefts or losses of digital storage media (disks, CD ROMs, etc.) is proportional to the number of storage devices in circulation. It may therefore be of interest to firstly limit and secondly monitor the usage of such media (SMEs: see Insertion or removal of hardware).

The blockage of certain peripherals such as USB ports (Universal Serial Bus) can avoid the illicit use of certain storage media devices.

This countermeasure can be qualified as preventive.

The use of cable locks

Small mechanisms are available for purchase which enable laptop computers to be attached to furniture. Although these unfortunately often fail to prevent thefts from occurring, they still make each attempt at theft a longer and more visible task.

This countermeasure can be qualified as preventive.

Password protection – encryption

It is strongly advisable to use specialist software to encrypt data saved on laptop computers. These tools make it almost impossible to use stolen data. (Example: TrueCrypt)

As always, make sure you use “strong” passwords.

Encryption is an effective protection against loss of confidentiality in the event of theft.

This countermeasure can be qualified as preventive.

Equipment marking

Whether using stickers or engraving, the marking of computer equipment remains a significant dissuasive factor against theft.

This countermeasure can be qualified as preventive.

Table of Contents